Focal update: v5.4.156 upstream stable release

Bug #1951295 reported by Kamal Mostafa
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v5.4.156 upstream stable release
       from git://

parisc: math-emu: Fix fall-through warnings
net: switchdev: do not propagate bridge updates across bridges
tee: optee: Fix missing devices unregister during optee_remove
ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
xtensa: xtfpga: Try software restart before simulating CPU reset
NFSD: Keep existing listeners on portlist error
dma-debug: fix sg checks in debug_dma_map_sg()
ASoC: wm8960: Fix clock configuration on slave mode
netfilter: ipvs: make global sysctl readonly in non-init netns
lan78xx: select CRC32
net: dsa: lantiq_gswip: fix register definition
NIOS2: irqflags: rename a redefined register name
net: hns3: reset DWRR of unused tc to zero
net: hns3: add limit ets dwrr bandwidth cannot be 0
net: hns3: disable sriov before unload hclge layer
net: stmmac: Fix E2E delay mechanism
net: enetc: fix ethtool counter name for PM0_TERR
can: rcar_can: fix suspend/resume
can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification
can: peak_pci: peak_pci_remove(): fix UAF
can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with error length
can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
ceph: fix handling of "meta" errors
ocfs2: fix data corruption after conversion from inline format
ocfs2: mount fails with buffer overflow in strlen
elfcore: correct reference to CONFIG_UML
vfs: check fd has read access in kernel_read_file_from_fd()
ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
ALSA: hda/realtek: Add quirk for Clevo PC50HS
ASoC: DAPM: Fix missing kctl change notifications
audit: fix possible null-pointer dereference in audit_filter_rules
powerpc64/idle: Fix SP offsets when saving GPRs
KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest
powerpc/idle: Don't corrupt back chain when going idle
mm, slub: fix mismatch between reconstructed freelist depth and cnt
mm, slub: fix potential memoryleak in kmem_cache_open()
nfc: nci: fix the UAF of rf_conn_info object
isdn: cpai: check ctr->cnr to avoid array index out of bound
netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
selftests: netfilter: remove stray bash debug line
gcc-plugins/structleak: add makefile var for disabling structleak
btrfs: deal with errors when checking if a dir entry exists during log replay
net: stmmac: add support for dwmac 3.40a
ARM: dts: spear3xx: Fix gmac node
isdn: mISDN: Fix sleeping function called from invalid context
platform/x86: intel_scu_ipc: Update timeout value in comment
ALSA: hda: avoid write to STATESTS if controller is in reset
Input: snvs_pwrkey - add clk handling
scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
tracing: Have all levels of checks prevent recursion
ARM: 9122/1: select HAVE_FUTEX_CMPXCHG
pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
Linux 5.4.156
UBUNTU: upstream stable to v5.4.156

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Focal):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu):
status: Confirmed → Invalid
description: updated
Stefan Bader (smb)
Changed in linux (Ubuntu Focal):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (19.0 KiB)

This bug was fixed in the package linux - 5.4.0-92.103

linux (5.4.0-92.103) focal; urgency=medium

  * focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

  * CVE-2021-4002
    - tlb: mmu_gather: add tlb_flush_*_range APIs
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

  * Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
    - [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches

  * Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462)
    - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again
    - jump_label: Fix usage in module __init

  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about
      cert lists that aren't present."
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

  * Focal update: v5.4.157 upstream stable release (LP: #1951883)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - ipv6: use siphash in rt6_exception_hash()
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as command type mask
    - net/tls: Fix flipped sign in tls_err_abort() calls
    - mmc: vub300: fix control-message timeouts
    - mmc: cqhci: clear HALT state after CQE enable
    - mmc: dw_mmc: exynos: fix the finding clock sample value
    - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
    - mmc: sdhci-esdhc-imx: clear the buffe...

Changed in linux (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers